Government

A Tempe, Arizona man was arrested Tuesday for allegedly taking part in the June 2011 attack on Sony Pictures Entertainment Inc.’s network, in which passwords and other personal data was stolen from one million user accounts.Raynaldo Rivera, 20, was charged with conspiracy and unauthorized impairment of a protected computer, which could earn him up to 15 years in prison if he is found guilty. He was ordered to appear in a Los Angeles courtroom Sept. 14.

The Air Force Life Cycle Management Center (AFLCMC) posted a broad agency announcement [PDF] recently, calling on contractors to submit concept papers detailing technological demonstrations of ‘cyberspace warfare operations’ (CWO) capabilities.

As security defenses have advanced and become more adaptive in the last decade, malware authors and attackers have had to respond, looking for new ways to get their malicious software onto PCs or exploit previously unknown vulnerabilities. One target is the system BIOS, the low-level instruction set that loads when the computer boots, and now the U.S. government has released some draft specifications for helping to secure BIOS implementations.

The U.S. Federal Trade Commission today announced it had finalized its settlement with Facebook, which is  now subject to biennial privacy audits for the next 20 years and requires its nearly 1 billion users opt in to any future privacy policy changes.

In an unprecedented move, the Federal Communications Commission ended a 10-month investigation of Verizon Wireless with a $1.25 million settlement for restricting Android customer access to “tethering” software used to relay Internet signals to other devices.

LAS VEGAS–It’s not difficult to find people here who are excited about security. There are roughly 10,000 of them in town this week. But there’s a smaller group of people who are on a different level, who are so passionate and amped up about their ideas that they can’t stop themselves from talking about them. Shawn Henry is one of those people.

Black Hat is upon us and, with it, a lot of chatter about the dangers posed by so-called “APT,” or advanced persistent threats. Rather than get trapped in the hype bubble, Threatpost editor Paul Roberts took the opportunity to check back in with a recognized expert on detecting and combating APT-style attacks: Amit Yoran, the former CEO of NetWitness Corp. and now a Senior Vice President at RSA, The Security Division of EMC. Yoran says that the darkest days may yet be ahead in the fight against APT style attacks, with mounting attacks and a critical shortage of security talent. To cope, both private sector firms and the government need to stop fighting the last war and pivot to the kinds of practices and monitoring that can spot sophisticated attackers.